CVE List - 2023 / October
Showing 1901 - 2000 of 2690 CVEs for October 2023 (Page 20 of 27)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-45755 | 2023-10-24 | WordPress BuddyPress Global Search Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-25032 | 2023-10-24 | WordPress Print, PDF, Email by PrintFriendly Plugin <= 5.5.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-45756 | 2023-10-24 | WordPress ApplyOnline – Application Form Builder and Manager Plugin <= 2.5.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-45758 | 2023-10-24 | WordPress Amministrazione Trasparente Plugin <= 8.0.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-45759 | 2023-10-24 | WordPress Peter’s Custom Anti-Spam Plugin <= 3.2.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-39924 | 2023-10-24 | WordPress Simple File List Plugin <= 6.1.9 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-45761 | 2023-10-24 | WordPress Sendle Shipping Plugin <= 5.13 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-45764 | 2023-10-24 | WordPress Scroll post excerpt Plugin <= 8.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-45767 | 2023-10-24 | WordPress Simple Tweet Plugin <= 1.4.0.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-45768 | 2023-10-24 | WordPress Next Page Plugin <= 1.5.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-45769 | 2023-10-24 | WordPress WP Report Post Plugin <= 2.1.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-45832 | 2023-10-24 | WordPress WP GoToWebinar Plugin <= 14.45 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-45770 | 2023-10-24 | WordPress Fast WP Speed Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-45772 | 2023-10-24 | WordPress Proofreading Plugin <= 1.0.11 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-45829 | 2023-10-24 | WordPress Newsletter & Bulk Email Sender Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-45833 | 2023-10-24 | WordPress LeadSquared Suite Plugin <= 0.7.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-45835 | 2023-10-24 | WordPress Libsyn Publisher Hub Plugin <= 1.4.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-5721 | 2023-10-24 | It was possible for certain browser prompts and dialogs to... |
| CVE-2023-5722 | 2023-10-24 | Using iterative requests an attacker was able to learn the... |
| CVE-2023-5723 | 2023-10-24 | An attacker with temporary script access to a site could... |
| CVE-2023-5724 | 2023-10-24 | Drivers are not always robust to extremely large draw calls... |
| CVE-2023-5725 | 2023-10-24 | A malicious installed WebExtension could open arbitrary URLs, which under... |
| CVE-2023-5726 | 2023-10-24 | A website could have obscured the full screen notification by... |
| CVE-2023-5727 | 2023-10-24 | The executable file warning was not presented when downloading .msix,... |
| CVE-2023-5728 | 2023-10-24 | During garbage collection extra operations were performed on a object... |
| CVE-2023-5729 | 2023-10-24 | A malicious web site can enter fullscreen mode while simultaneously... |
| CVE-2023-5730 | 2023-10-24 | Memory safety bugs present in Firefox 118, Firefox ESR 115.3,... |
| CVE-2023-5731 | 2023-10-24 | Memory safety bugs present in Firefox 118. Some of these... |
| CVE-2023-5732 | 2023-10-24 | An attacker could have created a malicious link using bidirectional... |
| CVE-2023-45837 | 2023-10-24 | WordPress Ultimate Taxonomy Manager Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-46068 | 2023-10-24 | WordPress Maileon Plugin <= 2.16.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-46069 | 2023-10-24 | WordPress Ajax Archive Calendar Plugin <= 2.6.7 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-46070 | 2023-10-24 | WordPress EG-Attachments Plugin <= 2.1.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-46071 | 2023-10-24 | WordPress Protección de Datos RGPD Plugin <= 3.1.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-5745 | 2023-10-24 | The Reusable Text Blocks plugin for WordPress is vulnerable to... |
| CVE-2023-5127 | 2023-10-24 | The WP Font Awesome plugin for WordPress is vulnerable to... |
| CVE-2023-5085 | 2023-10-24 | The Advanced Menu Widget plugin for WordPress is vulnerable to... |
| CVE-2023-5110 | 2023-10-24 | The BSK PDF Manager plugin for WordPress is vulnerable to... |
| CVE-2023-5126 | 2023-10-24 | The Delete Me plugin for WordPress is vulnerable to Stored... |
| CVE-2023-5740 | 2023-10-24 | The Live Chat with Facebook Messenger plugin for WordPress is... |
| CVE-2023-5744 | 2023-10-24 | The Very Simple Google Maps plugin for WordPress is vulnerable... |
| CVE-2023-20273 | 2023-10-24 | A vulnerability in the web UI feature of Cisco IOS... |
| CVE-2023-46128 | 2023-10-24 | Exposure of hashed user passwords via REST API in Nautobot |
| CVE-2023-5363 | 2023-10-24 | Incorrect cipher key & IV length processing |
| CVE-2023-5753 | 2023-10-24 | Potential buffer overflow vulnerabilities in the Zephyr Bluetooth subsystem |
| CVE-2023-42031 | 2023-10-24 | IBM CICS TX denial of service |
| CVE-2023-43506 | 2023-10-24 | Local Privilege Escalation in ClearPass OnGuard Linux Agent |
| CVE-2023-43507 | 2023-10-24 | Authenticated SQL Injection Vulnerability in ClearPass Policy Manager Web-based Management Interface |
| CVE-2023-43508 | 2023-10-24 | Authorization Bypass Leading to Privilege Escalation in ClearPass Policy Manager Web-Based Management Interface |
| CVE-2023-43509 | 2023-10-24 | Unauthenticated Endpoint Allows Sending Arbitrary OnGuard Notifications |
| CVE-2023-43510 | 2023-10-24 | Authenticated Remote Command Injection in ClearPass Policy Manager Web-Based Management Interface Leading to Partial System Compromise |
| CVE-2023-39231 | 2023-10-24 | PingFederate PingOne MFA IK Device Pairing Second Factor Authentication Bypass |
| CVE-2023-5758 | 2023-10-24 | When opening a page in reader mode, the redirect URL... |
| CVE-2023-41339 | 2023-10-24 | Unsecured WMS dynamic styling sld=<url> parameter affords blind unauthenticated SSRF in GeoServer |
| CVE-2023-4606 | 2023-10-24 | An authenticated XCC user with Read-Only permission can change a... |
| CVE-2023-4607 | 2023-10-24 | An authenticated XCC user can change permissions for any user... |
| CVE-2023-4608 | 2023-10-24 | An authenticated XCC user with elevated privileges can perform blind... |
| CVE-2023-3112 | 2023-10-24 | A vulnerability was reported in Elliptic Labs Virtual Lock Sensor... |
| CVE-2022-0353 | 2023-10-24 | A denial of service vulnerability was reported in the Lenovo... |
| CVE-2022-3698 | 2023-10-24 | A denial of service vulnerability was reported in the Lenovo... |
| CVE-2022-3699 | 2023-10-24 | A privilege escalation vulnerability was reported in the Lenovo HardwareScanPlugin... |
| CVE-2023-39930 | 2023-10-24 | PingFederate PingID Radius PCV Authentication Bypass |
| CVE-2023-5752 | 2023-10-24 | Mercurial configuration injectable in repo revision when installing via pip |
| CVE-2023-5568 | 2023-10-24 | Samba: heap buffer overflow with freshness tokens in the heimdal kdc |
| CVE-2023-26219 | 2023-10-24 | TIBCO Operational Intelligence Hawk RedTail Credential Exposure Vulnerability |
| CVE-2023-46126 | 2023-10-24 | Fides JavaScript Injection Vulnerability in Privacy Center URL |
| CVE-2023-43795 | 2023-10-24 | WPS Server Side Request Forgery in GeoServer |
| CVE-2023-46125 | 2023-10-24 | Fides Information Disclosure Vulnerability in Config API Endpoint |
| CVE-2023-46124 | 2023-10-24 | Server-Side Request Forgery Vulnerability in Custom Integration Upload |
| CVE-2023-46120 | 2023-10-24 | RabbitMQ Java client's lack of message size limitation leads to remote DoS attack |
| CVE-2023-46118 | 2023-10-24 | Denial of Service by publishing large messages over the HTTP API |
| CVE-2023-46136 | 2023-10-24 | Werkzeug vulnerable to high resource usage when parsing multipart/form-data containing a large part with CR/LF character at the beginning |
| CVE-2023-38845 | 2023-10-25 | An issue in Anglaise Company Anglaise.Company v.13.6.1 allows a remote... |
| CVE-2023-38846 | 2023-10-25 | An issue in Marbre Lapin Line v.13.6.1 allows a remote... |
| CVE-2023-38847 | 2023-10-25 | An issue in CHRISTINA JAPAN Line v.13.6.1 allows a remote... |
| CVE-2023-38848 | 2023-10-25 | An issue in rmc R Beauty CLINIC Line v.13.6.1 allows... |
| CVE-2023-38849 | 2023-10-25 | An issue in tire-sales Line v.13.6.1 allows a remote attacker... |
| CVE-2023-43905 | 2023-10-25 | Incorrect access control in writercms v1.1.0 allows attackers to directly... |
| CVE-2023-43906 | 2023-10-25 | Xolo CMS v0.11 was discovered to contain a reflected cross-site... |
| CVE-2023-43961 | 2023-10-25 | An issue in Dromara SaToken version 1.3.50RC and before when... |
| CVE-2023-44794 | 2023-10-25 | An issue in Dromara SaToken version 1.36.0 and before allows... |
| CVE-2023-46345 | 2023-10-25 | Catdoc v0.95 was discovered to contain a NULL pointer dereference... |
| CVE-2023-46346 | 2023-10-25 | In the module "Product Catalog (CSV, Excel, XML) Export PRO"... |
| CVE-2023-46347 | 2023-10-25 | In the module "Step by Step products Pack" (ndk_steppingpack) version... |
| CVE-2023-46358 | 2023-10-25 | In the module "Referral and Affiliation Program" (referralbyphone) version 3.5.1... |
| CVE-2023-46396 | 2023-10-25 | Audimex 15.0.0 is vulnerable to Cross Site Scripting (XSS) in... |
| CVE-2023-46408 | 2023-10-25 | TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution... |
| CVE-2023-46409 | 2023-10-25 | TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution... |
| CVE-2023-46410 | 2023-10-25 | TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution... |
| CVE-2023-46411 | 2023-10-25 | TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution... |
| CVE-2023-46412 | 2023-10-25 | TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution... |
| CVE-2023-46413 | 2023-10-25 | TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution... |
| CVE-2023-46414 | 2023-10-25 | TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command... |
| CVE-2023-46415 | 2023-10-25 | TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command... |
| CVE-2023-46416 | 2023-10-25 | TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command... |
| CVE-2023-46417 | 2023-10-25 | TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command... |
| CVE-2023-46418 | 2023-10-25 | TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command... |
| CVE-2023-46419 | 2023-10-25 | TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command... |
| CVE-2023-46420 | 2023-10-25 | TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command... |
| CVE-2023-46421 | 2023-10-25 | TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command... |